Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sony Rootkit Phones Home

Hemos posted more than 8 years ago | from the the-on-going-saga dept.

Sony 494

strider44 writes "Mark from Sysinternals has digged a little deeper into the Sony DRM and discovered it Phones Home with an ID for the CD being listened to. XCP Support claims that "The player has a standard rotating banner that connects the user to additional content (e.g. provides a link to the artist web site). The player simply looks online to see if another banner is available for rotation. The communication is one-way in that a banner is simply retrieved from the server if available. No information is ever fed back or collected about the consumer or their activities." Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!" Update: 11/07 14:21 GMT by H : Attentive reader Matteo G.P. Flora also notes that an Italian lawyer has filed suit against Sony on behalf of the Italian equivalent of the EFF. Translation availabe through the hive mind. Update: 11/07 15:18 GMT by H : It does appear that in fact Sony does see through the $sys$ - see Muzzy's comment for more details.

cancel ×

494 comments

Sorry! There are no comments related to the filter you selected.

Ha Ha! (5, Funny)

turnipsatemybaby (648996) | more than 8 years ago | (#13969054)

Somewhere in the distance, I hear Nelson shouting, "Ha ha!"

I wonder... (3, Insightful)

jcr (53032) | more than 8 years ago | (#13969056)

What happens if it phones home with a really big packet?

-jcr

Re:I wonder... (4, Funny)

sammy baby (14909) | more than 8 years ago | (#13969061)

Depends on whether it still has minutes left on its plan.

Re:I wonder... (-1, Offtopic)

IdleTime (561841) | more than 8 years ago | (#13969257)

Silly boy!

Only USA has phone plans. Minutes LEFT on a plan? Enligthened societies pay per minute used AFTER they have used the minutes, not paying up front for something that you'll never use. Silly Americans who don't mind beeing ripped off!

My first cell phone aquisition in USA:
Me: Cell phone please!
Store: How many minutes do you want?
Me: How do I know? Depends on how much I use it. maybe 2000 one month and 45 the next.
Store: Then you need at least a 2000 minute plan.
Me: What happens when I don't use 2000 minutes? Do I get a refund? No? I lose them? Idiots!

Ended up getting a phone where I buy pre-paid cards, maybe more expensive per minute, but at least I can use all the minutes hence for me it's cheaper. Phone companies here are in the stoneage, just like banks. When I moved here I had not seen a check book in 20 years, 1979 was the last time I got a check book from a bank back home. After that it was all electronic more or less. Stupid, just as money orders. I have to withdraw money from an ATM, buy money orders for the amount I need to pay (rent) and then physically drop it off at the leasing office. How utterly inefficient and pre-historic way of doing business.

Re:I wonder... (-1, Offtopic)

utnow (808790) | more than 8 years ago | (#13969335)

checks are still used in some places so the banks typically must give them out.

phones USED to work that way here (pay per minute as you use it) but people don't like knowing that each minute is costing them $.10 so they changed to this system of 'plans'. Cingular actually rolls over the minutes so you get 200 a month and at the end of the month whatever you haven't used goes towards the next month. if you don't use them then in a few months you could be sitting on several thousand minutes.

Apartments in the US are generally inhabited by the lower end of society. As a result the leasing offices are forced to be strict about getting the payments in physically in certain forms (aka, no personal checks typically). Also, electronic payment systems usually charge a % of each transaction, so if that were used, either it would cost them more to take lease payments, or your rent would go up (most likely the later).

finally... you're a moron.

Re:I wonder...NOT (2, Interesting)

BoRegardless (721219) | more than 8 years ago | (#13969256)

Lest anyone at Microsoft or Sony not understand why they don't "hear from my XP box"...

It is because the damned thing is NEVER allowed online!

And if and when I eventually go to VISTA, I won't allow it to go online either.

Microsoft has simply created an unbelievable amount of ill-will and lack of trust in me.

My Macs are the only thing I trust to go online, with the exception of running XP in emulation on my Mac.

Re:I wonder...NOT (0)

Anonymous Coward | more than 8 years ago | (#13969330)

It is because the damned thing is NEVER allowed online!

Sorry, if you can post on /. our rootkit can access the sony.net (tm) as well.

Uh Oh (5, Funny)

Honig the Apothecary (515163) | more than 8 years ago | (#13969058)

I smell a DMCA violation on the /. front page! Cue the Sony lawyers in 4..3..2....

Re:Uh Oh (4, Informative)

SatanicPuppy (611928) | more than 8 years ago | (#13969098)

Heh. But you're circumventing their copy protection using their invasive DRM package. So aren't they to blame for the circumvention? They wrote the code, after all, and adding "$sys$" to a filename is as trivial as holding down the shift key, and the shift key lawsuit was thrown out of court. If only someone else could sue them...

I think Blizzard in particular has a good case against them, since their crazy DRM is being used to circumvent some of Blizz' anti-cheating measures.

Re:Uh Oh (1)

TheRaven64 (641858) | more than 8 years ago | (#13969118)

Now, I'm not a lawyer, and I'm not 100% familiar with the laws in question, but I seem to recall that DMCA violations are criminal, not civil, offences. This means that the state gets to decide who to prosecute, not the victim (which was why the Skylarov case continued after Adobe tried to drop it). In this case, couldn't the state (acting on behalf of Sony) prosecute Sony for DMCA violations?

Rip It....Rip It Good (5, Informative)

Anonymous Coward | more than 8 years ago | (#13969059)

CDex 1.51 had no issues ripping this CD.

No (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13969113)

Two wrongs don't make a right, twatburger.

Re:No (-1)

Anonymous Coward | more than 8 years ago | (#13969136)

ripping's not illegal dickweed.

NO you are WRONG (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13969185)

It is illegal in this case, because you are bypassing Sony's DRM. If you don't like their terms, take the CD back, or don't buy it in the first place. My original point stands. PS your insult was rubbish.

Re:NO you are WRONG (1, Informative)

Anonymous Coward | more than 8 years ago | (#13969220)

What DRM? No autoplay, no EULA, no DRM.

Re:NO you are WRONG (0)

Anonymous Coward | more than 8 years ago | (#13969284)

Just because it is illegal does not make it wrong.

Re:NO you are WRONG (5, Insightful)

meringuoid (568297) | more than 8 years ago | (#13969288)

It is illegal in this case, because you are bypassing Sony's DRM.

Ah, but you didn't say illegal, you said wrong. The equation of the two is perhaps the greatest threat to liberty in the modern world.

Re:Rip It....Rip It Good (4, Insightful)

meringuoid (568297) | more than 8 years ago | (#13969153)

I've never met anything that cdparanoia couldn't handle, unless it was scratched to death; IIRC, CDex uses cdparanoia as its ripping engine, so it should have the same uber ripping powers.

AFAIK, the rootkit is the only protection on this CD. As they admit, it looks like a normal CD to an Apple computer - and, of course, to a Linux computer. And, for that matter, to a Windows computer with Autorun disabled... I do enjoy a truly pathetic copyrestriction system, don't you?

Re:Rip It....Rip It Good (5, Insightful)

ModernGeek (601932) | more than 8 years ago | (#13969238)

If it installs this rootkit through autorun when you put the CD into your Windows machine, how is this any different from a worm? Just because it isn't spread through the internet doesn't change the fact that it is a virus.

Re:Rip It....Rip It Good (5, Informative)

meringuoid (568297) | more than 8 years ago | (#13969268)

If it installs this rootkit through autorun when you put the CD into your Windows machine, how is this any different from a worm? Just because it isn't spread through the internet doesn't change the fact that it is a virus.

It doesn't automatically self-propagate, so it isn't a worm. Nor does it infect files and piggyback on them to infect other machines; it isn't a virus. This particular piece of malware comes attached to something the user wants (i.e. a music CD) without his knowledge, and proceeds to infect his machine, but makes no attempts to spread itself to other machines. That makes it a trojan.

Re:Rip It....Rip It Good (5, Insightful)

ModernGeek (601932) | more than 8 years ago | (#13969324)

The way I heard it, it sounded like it was copying itself from the CD to the machine without the users consent. I assumed this would be called a virus as it is replicating itself. Maybe trend micro's quiz didn't educate me very well

After finding more information about it, it sounds as if it blocks programs from accessing the CD drive that are in sony's list.

Step 1: Rename your Windows Server App to ITUNES3.EXE
Step 2: Put all the config files for that server app on a CD
Step 3: Insert Sony music CD into secondary drive
Step 4: The DRM that installed itself without your consent crashed your mission critical server. Sony is liable!
Step 5: ???
Step 6: Profit!

Re:Rip It....Rip It Good (1)

Tim C (15259) | more than 8 years ago | (#13969334)

I do enjoy a truly pathetic copyrestriction system, don't you?

Personally, I prefer them to truly effective copy restriction systems...

The market provides! (1, Insightful)

dada21 (163177) | more than 8 years ago | (#13969060)



Instead of rushing in and demanding a law to battle this "problem," just leave it alone. The market continues to provide exactly what people want.

Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.

You're responsible for checking out a product before buying it. I won't buy any music ROM disc that doesn't have the "CD" certification logo, unless it is from an indie band. I still rip eve y CD from a CD player with an optical out into my PC. Safety first.

If Sony doesn't get a lot of backlash over this system, others will adapt it. I am not buying any more Sony CDs, but I'll buy other products from other divisions.

  I see no reason to cry wolf here. You are buying their product. If you find something you don't like, someone will adapt it for your uses.

For those wanting a la , remember you likely supported the same political parties that enacted the DMCA, copyright extensions, and other tyrannical laws. Stop voting in the booth, vote in the checkout aisle.

Re:The market provides! (0)

rafleming (825583) | more than 8 years ago | (#13969075)

Honestly... do you live in a cave?

Re:The market provides! (5, Insightful)

Anonymous Coward | more than 8 years ago | (#13969079)

Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.

You're responsible for checking out a product before buying it. I won't buy any music ROM disc that doesn't have the "CD" certification logo, unless it is from an indie band. I still rip eve y CD from a CD player with an optical out into my PC. Safety first.


You obviously never read the original article. Sony didn't advertise in any way shape or form that this was on the CD, so even you wouldn't have been able to "check out" the product before buying it!

Re:The market provides! (0)

OverlordQ (264228) | more than 8 years ago | (#13969264)

If you ignore the EULA given then yes, it wasn't 'advertised'

Re:The market provides! (5, Insightful)

marika (572224) | more than 8 years ago | (#13969296)

Isn't it a problem if you can't read the EULA before buying the product? And since you unpacked the CD you are actually stuck with it.

Re:The market provides! (0)

Anonymous Coward | more than 8 years ago | (#13969319)

Is it just me, or when this stuff happens, is sony always on the frontlines? Even when an article states that the *aa did this or that, isn't sony usually the instigator?

From now on, I will not buy sony anything, if I can help it. Not dvd players, or headphones, and certainly not media produced by sony. There is always an equivalent alternative.

Re:The market provides! (5, Insightful)

phil reed (626) | more than 8 years ago | (#13969086)

Of course, this presumes that the product and the producer don't take active steps to deceive the consumer, and presumes a technically-sophisticated consumer capable of analyzing the technology involved. Your idealistic scenario kind of falls flat when it runs into the real world.

Re:The market provides! (5, Interesting)

Vokkyt (739289) | more than 8 years ago | (#13969107)

Well, even though it IS possible to just not buy the stupid Sony CDs, the issue is that there is no denying that Sony is a major market force, and as a major market force, it is going to serve as a template to other companies. Yeah, others probably will copy this and that is the issue.

If others are apathetic about it, then that's fine, but they shouldn't complain when people who do care want to take issue with Sony's actions. If enough consumers take issue with it now, the message will become clear enough in the baby-stages of the new CD DRM that at least some companies will refrain from doing this. The idea isn't to just complain over a little thing, but to stop something that people do not want to happen. I don't see an issue with that.

And it's not necessarily that anyone denies Sony's rights to provide this either; people simply do not want it, or are indifferent to it. Those who are indifferent shouldn't care either way, and those who don't want it shouldn't have to have it, and as a corporation, Sony should listen to the consumers a little and realize this is technology that people do not want.

Of course, this leads a lot into the discussion of wanted technology vs unwanted technology and how a lot of the larger corporations nowadays just put enough money into things so that they live long enough to be considered common place, and hence gain acceptance, which is altogether a frustrating business model which made me stop watching television long ago...but yeah...different topic.

Re:The market provides! (4, Insightful)

stinerman (812158) | more than 8 years ago | (#13969109)

Stop voting in the booth, vote in the checkout aisle.

You know as well as I do that if you don't do the bidding of the right people, you won't find yourself with any "shelf space". Its white bread or wheat bread, anything else is illegal. Feel free to vote in the checkout aisle, just don't complain to anyone when your rye bread is nowhere to be found.

Re:The market provides! (5, Interesting)

leuk_he (194174) | more than 8 years ago | (#13969140)

Yes, that is what the sony reaction look like. They just behave as this is a non-issue.

But, by not adding an uninstaller, not putting it it in the EULA what it is doing and playing the blaim game to apple*, their software is not better than the worst spyware. They think they can install anything on a users PC, but this might be plain illegal.

If you do not care about spyware and viri, please let it pass, but if you care for your privacy and/or your pc you should not "vote with your wallet", but name it what it really is.

*(their faq keep babbling you can not transfer it ot itunes because apple did something to make their api incompatible, instead of watching their DRM solution)

Re:The market provides! (1)

rheotaxis (528103) | more than 8 years ago | (#13969239)

I agree that Sony will lose some market segment over this, but how big is that segment compared to the one that doesn't care, because its mostly ignorant? Still, laws sometimes slow things down, or speed things up, and always create unintended consequences, so usually less law is better. Besides, nothing is perfect, ever. Laws and markets are arbitrary social mechanisms, and thus both have similar problems. We need both, we use both, so the human species needs to improve the implementation of both together.

Besides, no law will prevent me from rearranging the digital bits on any physical media I pay for.

Re:The market provides! (1)

Artifakt (700173) | more than 8 years ago | (#13969267)

Classic Straw Man you've got there. Who's demanding more laws here? At a generous estimate to your claim, 80-90% of the posters here are 'demanding' only the uniform enforcement of meatspace related laws which have existed for hundreds of years in our system, laws against fraud, trespass, or other basic violations. A good portion of the 'slashdot set' is argueing for the exact opposite, the repeal of or more existing laws, such as the DCMA.
        Oh, but they don't identify themselves as anarcho-capitalists. They aren't all stopping voting and thus allowing the businesses they disagree with to join with portions of the government in mischaracterizing them as apathetic consumers, 'pirates' or natural members of the criminal class.
        If you, yourself, don't like the Sony rootkit, then you're committing the classic mistake that cripples and disempowers you, demanding ideological purity tests from people who actually agree with you on this point, instead of working from your area of agreement, and adopting whatever solutions seem most effective.
        The "crying wolf" remark is equally telling here. You're about the third poster to this thread. The article itself seeems to be rather higher on actual hard facts than is slashdot standard (admittedly not a very tough test). Who's (figuratively) 'crying wolf'? Who even managed to post ahead of you? Even including earlier threads on the Sony DRM system these have also tended to have at least a few facts included, and the ratio of posters discussing actual facts has been pretty fair. How about waiting until someone actually yells "The sky is falling!" before you bring out that old chestnut about the chicken?

Re:The market provides! (3, Funny)

saltydogdesign (811417) | more than 8 years ago | (#13969269)

Yeah, let's demolish the entire system of law while we're at it -- I'm sure the market will provide something better.

Re:The market provides! (5, Interesting)

karmawarrior (311177) | more than 8 years ago | (#13969282)

I have to say I generally agree. There is a fundamental problem though in that most people lack the knowledge to realise that simply because something is sold as a CD, in with all the other CDs, looking identical to all the other CDs, with little or no warning on the packaging that it's not a CD save, in a minority of cases, for text that looks more like legalese worded to appear to be suggesting extra benefits of the package rather than to actually suggest the package is crippled, doesn't mean that, in fact, they are getting a standard "red book" CD. The fact that such widespread ignorance exists means that any content producer that wants to can actually remove their products from the market, as far as those who prefer open formats are concerned, and can only sell non-CDs, and all the incentives exist to actually encourage content publishers to do this.

If something isn't done about this soon, clearly network effects will result in pretty much every "CD" being DRM-encumbered, containing, as Sony did, software that actively damages the configuration of the systems the CD is meant to play upon. However, it would be entirely wrong to hold companies like Sony to account for this. They, after all, are merely trying to make money. It is entirely right that they should do so by taking advantage of ignorance to encourage people to do things that are entirely not in their best interest. If businesses were not able to do this, if businesses had incentives to make money when honest, then freedom itself would be at risk. Liberty would be in peril.

What kind of "choice" is it where you do not need to be a technology geek to decide whether or not to buy a "CD" of music? What kind of "freedom" does one have if every vendor of cellular service is telling the truth about their talk plan prices? How are we free if we do not, in practice even if we rarely do, have to hire a lawyer before taking a job or even installing software? Can we be described as supportive of liberty when a shop cannot put a price label on an item that actually reflects the retail price minus some "mail in rebate" the customer might not even qualify for, and if they do, might not get anyway?

Those who defend the intervention of government into these matters ignore market forces. Just as, say, if people like purple cars, the market will eventually end up producing purple cars, so it follows that what we're seeing here is market forces. People, through their unwillingness to spend every waking moment researching every aspect of the products they buy before they buy them, refusing to visit factories to determine environmental and employment issues, refusing to educate themselves about 14 bit 44.1KHz encoding, refusing to examine the contracts of the artists who produced the works, refusing to understand the lower level Win32 APIs and the registry, refusing to even design proxy-device drivers to understand these basic concepts, demonstrate that they want ignorance, and they consider being taken advantage of, being fooled, as actually a thing of value. We cannot have honesty in business when the market wants dishonesty.

But, no, there are those who want to smother consumers in regulation and red-tape. They want to prevent consumers from getting the products and services they deserve. And why? Because the more dishonest the market becomes, the more they scream and think something needs to be done.

This quagmire of people complaining about the market when the market is actually providing them with what they asked for will not disappear by itself. Resources need to be devoted, and unless people are prepared to actually act, not just talk about it on Slashdot, nothing will ever get done. Apathy is not an option.

You can help by getting off your rear and writing to your congressman [house.gov] or senator [senate.gov] . Tell them that the market is important to you. Tell them that you appreciate the work being done by Sony, Steam, Kevin Jones Staples and Office Depot, Ford Motors of Luton, MCI Worldcom, and others to cater for a market comprised of ignorant dolts who refuse to educate themselves about obvious things like CD Audio data formats but that if politicians continue to meddle in the market, promoting honesty and good business, you will be forced to use less and less secure and intelligently designed alternatives. Explain the concerns you have about freedom, openness, and choice, and how consumer protections and holding companies to account for sleazy, deceptive, business practices understanding harms all three. Let them know that this is an issue that effects YOU directly, that YOU vote, and that your vote will be influenced, indeed dependent, on their policies on protecting consumers.

You CAN make a difference. Don't treat voting as a right, treat it as a duty. Remember, it was thanks to ordinary people like YOU that we are now seeing such innovations as SMP in OpenBSD. Keep informed, keep your political representatives informed on how you feel. And, most importantly of all, vote.

Re:The market provides! (2, Insightful)

Haeleth (414428) | more than 8 years ago | (#13969310)

Instead of rushing in and demanding a law to battle this "problem," just leave it alone. The market continues to provide exactly what people want.
Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.


And that's exactly why we have the responsibility to make a big fuss about it.

When someone does something bad, we, as responsible citizens, have to educate others about it. We have to make a big fuss so that people realise why they shouldn't want CDs infected with DRM. To remain silent would be to give consent for Sony and pals to keep right on shafting us.

Voting with your wallet is a good start. But we need soapboxes too. There's no point voting with your wallet if nobody knows what you're doing or why.

No information (5, Insightful)

Threni (635302) | more than 8 years ago | (#13969064)

"No information is ever fed back or collected about the consumer or their activities."

Other then your IP address, date and time it's connected to the net, the CD you're listening to, how often you listen to it...

Re: No Information (0)

Anonymous Coward | more than 8 years ago | (#13969164)

DING DING DING !!! We have a winner!!!!!

Its amusing how often people forget just what information IS collected is a situation like this. The attitude of, 'unless its reading my hard drive', its not collecting data...

Not like it matters, but my boycott of purchasing CD's and DVD's continues...

Re:No information (4, Funny)

jcr (53032) | more than 8 years ago | (#13969205)

And anything else the botnet operator who uses Sony's holes to own your machine wants to know.

-jcr

Re:No information (1)

martijn-s (456925) | more than 8 years ago | (#13969235)

Well, as Apache does not automatically store form fields in the log files, that would be limited to:

ip address, date, time

Re:No information (2, Interesting)

martijn-s (456925) | more than 8 years ago | (#13969266)

Okay, that's not quite true :) I just noticed that my server provider did customize the logs.

Why is this posted in games? (4, Insightful)

PhotoBoy (684898) | more than 8 years ago | (#13969065)

Is it the game of working out ways to piss off Sony by circumventing their crappy DRM?

Wow, users like Sony's Rootkit (4, Informative)

slashnutt (807047) | more than 8 years ago | (#13969068)

The Register [theregister.co.uk]
World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect.

----
Did you like the placement of the comma?

Re:Wow, users like Sony's Rootkit (0)

Anonymous Coward | more than 8 years ago | (#13969170)

Wonder how Sony will like their rootkit when Everquest users start using it? If they haven't already.

Sony DRM (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13969069)

This whole Sony DRM thing makes me madder than a raghead in Paris. Are we sure that this is legal? Please don't tell me that it's legal because I implicitly agreed to some EULA, that shouldn't affect the legality of it, and if it does, that's wrong.

Isn't there some law enforcement official in some country that is willing to do something about this?

And why is this under games?

In Sony's Japan... (5, Funny)

w.timmeh (906406) | more than 8 years ago | (#13969072)

DRM software bypasses... itself?! Wait...

Obligatory Soviet Russia Joke (0, Offtopic)

Vampyre_Macavity (826127) | more than 8 years ago | (#13969151)

In Soviet Russia . . . DRM bypasses YOU!

Re:In Sony's Japan... (1)

alta (1263) | more than 8 years ago | (#13969265)

Yeah, I was just thinking to myself... "Self, why don't you go out and buy a CD with this on it. Then I can cheat warcraft (which I don't play), burn an CD I want, and otherwise trick my system whenever I need to"

Then again, I haven't bought a CD since the day I downloaded napster. Remember, the original?

Re:In Sony's Japan... (3, Informative)

muzzy (164903) | more than 8 years ago | (#13969343)

It would've indeed been super funny. However, the rootkit is made so that processes starting with $sys$ can see all files and processes that begin with $sys$ ... Try it with task manager, command prompt, or even explorer.exe (just kill the already running instance first)

Something else let me rip the track the first time, so the DRM system probably bugs. Every other time I tried, that trick didn't work. I'll know more when I've finished analyzing the rootkit, but it's taking time...

Poetic Justice (0)

Anonymous Coward | more than 8 years ago | (#13969082)

"You can use the Sony rootkit itself to bypass their own DRM!"

Hopefully that alone will stop the record companies from attempting this type of method again, but I doubt it.

Anyone know if the "phone home" is in the EULA? (5, Interesting)

RandoX (828285) | more than 8 years ago | (#13969085)

I don't have (and don't plan to buy) one of these CDs, but I would think that any external communication or use of your net connection would have to be disclosed in the EULA. It could be covered in some legalese catch-all such as "as necessary to provide enhanced services", etc. This is the kind of reason I'm immediately suspicious of anything that begins, "For your convenience"... It rarely is.

Re:Anyone know if the "phone home" is in the EULA? (1)

jdaluz (512425) | more than 8 years ago | (#13969252)

Maybe I missed something...since when does a music CD have a EULA?

Re:Anyone know if the "phone home" is in the EULA? (2, Informative)

RandoX (828285) | more than 8 years ago | (#13969340)

I did some looking and found the EULA [sysinternals.com] online. To answer my own question, it doesn't seem to mention the "phoning home".

You can use the Sony rootkit itself to bypass (-1, Redundant)

pkvon (899533) | more than 8 years ago | (#13969087)

... their own DRM!"

<Nelson>HAHA</Nelson>

Re:You can use the Sony rootkit itself to bypass (1)

moon-monster (712361) | more than 8 years ago | (#13969119)

Actually, if you look further down the comments, you'll find another post by Matt Nikki saying that he tried it again and it didn't work, so either he got lucky one time or something strange is going on.

See here [sysinternals.com]

LGPL violation? (5, Interesting)

Anonymous Coward | more than 8 years ago | (#13969095)

comment posted by Matti Nikki :
Also, go check Contents\GO.EXE in the cd and search for string "LAME". This is possible LGPL violation, since LAME mp3 library has been statically linked against the executable. You can see that version.c has been compiled in since it generates those version strings, and I found tables.c as well. Didn't locate any code though, apparently removed by optimizing compiler due to being unreferenced, but I couldn't test for all LAME code as I don't have proper tools available (such as sabre-security bindiff)

Re:LGPL violation? (0)

yakumo.unr (833476) | more than 8 years ago | (#13969178)

Mod up parent, i'd love to see this investigated more thoroughly!
heard someone mention this in less detail in the prewvious news peice on Sony.

Common sense violation? (3, Informative)

Anonymous Coward | more than 8 years ago | (#13969328)

Don't get your panties in a wad, genius. The LAME string exists because that is one of the pirate programs that the DRM software specifically looks for. Simply having the string in your program doesn't make it a LGPL violation. That would be LAME.

Duh.

Brilliant marketing (5, Funny)

Slashdiddly (917720) | more than 8 years ago | (#13969126)

I have to hand it to Sony marketing execs. Ordinarily they would be hard-pressed to sell even a few dozen copies of that CD. Throw in some DRM and now you have millions of geeks buying the CD trying to break it (or verify somebody else's claims of having broken it). That stuff is so good you can't even torrent it.

Re:Brilliant marketing (0)

Anonymous Coward | more than 8 years ago | (#13969243)

plus all the hackers and script kiddies buying the cd just to get the root kit.

What if. . . (4, Interesting)

smooth wombat (796938) | more than 8 years ago | (#13969130)

you're not connected to the net? I know, horrible thought to comprehend but there are those of us who aren't plugged in 24/7.

What happens then? Do you get an error message? Does the CD not play? What if you block the ad retrieval via your firewall?

What if I turn off the monitor and walk away while the CD plays? Am I stealing ala Jack Valenti and not watching commercials on tv?

Utterly Laughable (5, Insightful)

yakumo.unr (833476) | more than 8 years ago | (#13969132)

These copy protection schemes are NEVER goign to work as long as the content is still available to play on regular cd players. Even if it's not, it will be hacked as long as some hacker thinks it might be an amusing way to spend an afternoon.

why are sony SO unbeleivably stupid as to think otherwise. They must be wasting hundreds of thousands of pounds on this utterly useless rubbish, that even the least technical of people can bypass.

These things are so childish no hacker would even bother with them, as stated this one even defeats itself!
It only takes one breach to distribute a copy, why piss off thousands of genuine paying clients?

The mind boggles, the only people winning are the copy protection companies living happy lives doing nothing but ripping Sony off.

aren't they supposed to do maketing studdies on things before release?
maybe employ a 16 year old to independantly test the schemes for them rather than taking the word of the people selling them this rubbish
(I'd have said 10 year old but it wouldn't be legal)

revenue lost to purchasing clients who will have to return product as it wont run. $X,0000
revenue lost to potential clients who will be scared off buying in the first place. $Y,0000
estimated reputation damage to company. priceless.

estimate of no. of pirated copies prevented. ZERO.

Re:Utterly Laughable (3, Insightful)

sqlrob (173498) | more than 8 years ago | (#13969161)

estimate of no. of pirated copies prevented. ZERO.

Actually, that's probably in the negative. How many are going to pirate that weren't simply because they aren't going to trust Sony CDs not to do anything to their computer from now on?

great... (5, Insightful)

archen (447353) | more than 8 years ago | (#13969135)

So you can use their own rootkit to bypass their own DRM. And exactly what level of control do you even have at the point where you are screwing with a rootkit to rip CD's on your own computer?

I hope Microsoft is paying attention here, because this could set an EXTREMELY bad trend here. Why do we have these "certified" drivers? Because a lot of them were crap. Now we have software injecting stuff directly into the OS. I can't say this is going to help MS in the security and stability department.

The $sys$ prefixing thing was apparently wrong :( (5, Informative)

muzzy (164903) | more than 8 years ago | (#13969137)

Just my luck, when I make it to slashdot it's something I've analyzed wrong. I tested to rename my ripping software to begin with $sys$ and it ripped it fine, but apparently something else was the deciding factor. I can't reproduce that effect!

There's definitely something fishy going on, however, with two magic lists in the DRM system (one in installer, one in $sys$DRMServer.exe), and the drmserver scans running processes and open windows, testing them against those lists. So far I haven't figured what it does when it finds a match. The code is written in C++ and although I've found the function call, it's virtual and I need to figure which vtable is being used and it's bitchy without a debugger. I'm not going to run this crap on my development systems, and my test machine doesn't even have net access, too much work to setup debuggers on it just yet :(

Anyway, the lists for everyone to see:
http://hack.fi/~muzzy/sony-drm-magic-list.txt [hack.fi]
http://hack.fi/~muzzy/sony-drm-magic-list-2.txt [hack.fi]
The first one is from installer, the second from drmserver

Re:The $sys$ prefixing thing was apparently wrong (0)

Anonymous Coward | more than 8 years ago | (#13969234)

OOPS! It appears I was wrong about being able to hide the ripping software with $sys$ prefix! However, during my first test it DID work, so something's going on. Looks like I'll have to disassemble the damn thing to be sure.

# posted by Matti Nikki : 11:36 AM, November 06, 2005
 

Re:The $sys$ prefixing thing was apparently wrong (1)

bhtooefr (649901) | more than 8 years ago | (#13969251)

Get yourself a trial of VMWare or Virtual PC, and throw Win2K on there.

That way, you'll have a sandbox to play in on a net connected machine.

Re:The $sys$ prefixing thing was apparently wrong (2, Interesting)

Anonymous Coward | more than 8 years ago | (#13969276)

Call me crazy, but why don't you use a prog from the magic list to rip a protected cd under the watch of ye ol rootkit? I'm sure it's intentions will be revealed!

What's the EFF (0)

Anonymous Coward | more than 8 years ago | (#13969139)

What's the EFF?

Re:What's the EFF (1)

beisbol (173766) | more than 8 years ago | (#13969232)

Bypassing ripper detection (1)

91degrees (207121) | more than 8 years ago | (#13969141)

Wouldn't simply renaming the ripper software have pretty much the same effect? It looks like the DRM simply compares the executable name with its list of executables and does stuff depending on the name.

Re:Bypassing ripper detection (1)

L0k11 (617726) | more than 8 years ago | (#13969250)

i'm no geek, but most ripping software would (i'm guessing) have to call an external dll/program (even just to access the media) to do all the work... so maybe thats why it cant be reproduced?

and the rootkit could/maybe/does block the dll?

In other related news... (5, Informative)

xtracto (837672) | more than 8 years ago | (#13969152)

SysInternal's Mark Russinovich has posted a new entry about Sony's XCP DRM technology. [sysinternals.com]

According to his post, it seems Sony's fix "patch" makes a little "contact home" contacting Sony servers. This even when sony claims that their software didnt made contact with them.

Slashdot covered previously [slashdot.org] the intial XCP rootkit story.

The inquirer [theinquirer.net] has an interesting article on the Sony DRM technology overall.

And it seems community have found several alternate uses for the XCP technology which include hiding game cheating software [theregister.co.uk] and even to bypass DRM technology [sysinternals.com]

Re:In other related news... (0)

Anonymous Coward | more than 8 years ago | (#13969189)

Sony DRM technology calls home. Monday November 07, @09:01AM Pending
Sony DRM technology may be worst than it seems Monday November 07, @08:12AM Rejected

One just wonders why...

BTW, I updated my DRMd CD's list... [slashdot.org]

Yeeeaaaah (0)

Anonymous Coward | more than 8 years ago | (#13969157)


Gotta get me a Sony cd. with that i can copy cds, passby anti-cheating software in games, even install a few trojans/viruses/worms muhahahahaha...

I just love technology when it comes from the brilliant minds from Sony.

Thank you Sony, you have just set back security on the pc 10 years. oohh the possibilities...

The solution: (1)

rokka (631038) | more than 8 years ago | (#13969168)

I've bought perhaps 8-10 CDs with "copy protection" over the past few years. Some of these where so crippled that my (very old but functional) CD-player wouldn't play them. The solution? Make a copy!
I still have not come across a CD that won't rip through standard Linux GUI applications Kaudiocreator and/or grip. Usually I start with Kaudiocreator which will rip 90% of copy protected CDs. If it doesn't work out, I think perhaps they manufacture rw-errors on the disc, I switch to grip which will rip the remaining 10%.
This is a hassle for me, and it's ridicules that I have to make a copy of my CDs in order to play them, but it's not a real problem since open source CD-ripping software obviously is superior their Windows equivalent.

Re:The solution: (1)

RandoX (828285) | more than 8 years ago | (#13969194)

The latest CDex rips these just fine on Windows.

I need to thank Sony (2, Insightful)

melgish (687818) | more than 8 years ago | (#13969172)

I've always been under the impression that Japanese companies (or those largly held by) were a bit more ethical than their American counterparts. Sony has proven to me that my impression was completely in error. Unless they come very clean, very quickly, I will do my utmost to avoid purchasing any Sony product ever again, be it a new cam corder, an entertianment system...or even blank media.

Re:I need to thank Sony (4, Informative)

Frankie70 (803801) | more than 8 years ago | (#13969209)


I've always been under the impression that Japanese companies (or those largly held by) were a bit more ethical than their American counterparts. Sony has proven to me that my impression was completely in error.


http://www.sonybmg.com/management.html [sonybmg.com]

2 Americans, 1 Australian & 1 European.

Detecting and removing the rootkit (1)

91degrees (207121) | more than 8 years ago | (#13969174)

Does anyone know how safely detect and remove this without relying on the Sony download? For some reason, I don't trust it not to install the software if I don't already have it.

30 comments and no "ET Phone Home" one yet (2, Funny)

xmas2003 (739875) | more than 8 years ago | (#13969175)

here 'ya go [google.com] ... which raises an interesting question - what if ET tries to play a Sony CD - what is the timeout option for the "phone home" packet if the ping times are overly long?

I got a bad feeling about this... (2, Insightful)

altoz (653655) | more than 8 years ago | (#13969183)

I could see Sony continuing this with their memory sticks. What's to stop them from installing a rootkit anytime you got a digital camera or an mp3 player from them?

Re:I got a bad feeling about this... (0)

Anonymous Coward | more than 8 years ago | (#13969225)

> I could see Sony continuing this with their memory sticks.

Or a whole computer!

> What's to stop them from installing a rootkit anytime you got a digital
> camera or an mp3 player from them?

A non-Windows OS, generally.

"digged"? (1)

noewun (591275) | more than 8 years ago | (#13969187)

Is proper English that hard?

Re:"digged"? (1, Funny)

Anonymous Coward | more than 8 years ago | (#13969253)

It's a perfectly cromulent word.

Sony sues... Sony ! (1, Funny)

timlewis_atlanta (195776) | more than 8 years ago | (#13969188)

>>You can use the Sony rootkit itself to bypass their own DRM!"

Isn't that a DMCA violation ? Sony had better do something about this by suing ... uh ... Sony.

Apparently their new business model is something like this : (Cue Underpant Gnomes)

1. Release rootkit into the wild, including ability for it to bypass your own copy protection.
2. ?
3. Sue self into oblivion. Wait, shouldn't item 3 be "Profit" ?

Re:Sony sues... Sony ! (1, Funny)

whathappenedtomonday (581634) | more than 8 years ago | (#13969290)

3. Sue self into oblivion. Wait, shouldn't item 3 be "Profit" ?

No, better make item 3

3.) recursion: n., see recursion

This will keep them busy for years!

Are we really suprised? (1)

8127972 (73495) | more than 8 years ago | (#13969219)

"Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!"

This of course brought to you by the same people who brought out copy protection that was defeated by a magic marker.

Why would you do this? This is stupid. (4, Insightful)

Biotech9 (704202) | more than 8 years ago | (#13969226)

Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!"

All I've seen from people on this issue are ways to get around the DRM. Yes, there are MANY ways to get around it, audio line-out to a DAT or an iPod, using linux, a mac, CDex, Audiograbber, Audiohijack-pro...

But that is all just retarded, if you're buying this CD and you use it as Sony want you to use it, it is NO different than if you buy the CD and rip it with some workaround. Sony don't SEE a difference. The MP3s will be on DC++ anyway, it's not like they will lose sales to people ripping it for their iPods or whatever.

And if you do buy the CD, (regardless of wheter you rip it or not) you have just voted. Corporations are the Governments of today and with your purchase you vote. And buying any content protected CD regardless of what you do with it is a VOTE to Sony that DRM is acceptable to you. And that means next time it won't be some crappy nobody C&W CD that is taking over your PC, it'll be the big Sony acts. And then the big EMI acts and WB acts and so on.

Vote with your cash, buy non-DRM encumbered CDs or else just steal it. I'd prefer to take the moral issues and risk of stealing rather than just be Sony's bitch and install their shitty rootkit on my computer.

Re:Why would you do this? This is stupid. (1)

xtracto (837672) | more than 8 years ago | (#13969325)

Vote with your cash, buy non-DRM encumbered CDs or else just steal it. I'd prefer to take the moral issues and risk of stealing rather than just be Sony's bitch and install their shitty rootkit on my computer.

Or better yet, buy your music from cheaper and DRM-free [allofmp3.com] places.

WTF? (1)

nurb432 (527695) | more than 8 years ago | (#13969248)

So not only do they infect my PC, but now i have to get ads just to listen to some music?

Very backward thinking on Sony's part (5, Insightful)

mcgroarty (633843) | more than 8 years ago | (#13969280)

I'm no copyfighting warrior. I buy all my music because I enjoy supporting the industry that makes it available to me. That said, it sure seems to me that all Sony are doing here is removing the incentive to purchase their CDs. Not only do you face the possibility of not being able to rip as you please, but you face the possibility of screwing up your system by buying Sony CDs.

What's the goal here? To stop the people who buy CDs and rip copies for a few friends... by driving everybody to rely on safer online distribution exclusively?

NPR had it... (2, Interesting)

DarkSarin (651985) | more than 8 years ago | (#13969281)

NPR had a story about this, and did a reasonable job of it. If they would cover it a few more times as things progress, maybe Sony will get the picture.

Currently I own 2 Sony products--a Clie and a Cybershot. If this kind of thing continues, however, I will make these my last Sony purchases of any kind.

There is a good reason that this matters, not just to us, but to everyone: Sony has obviously lied about their actions, and should be held responsible. If we as consumers don't stand up and say "stop", then this will get worse. Currently computers are very powerful, but with more and more of this crap, we will all soon need Cray's to run even the simplest game smoothly because of the myriad background services that are hogging resources. I've already decided that as soon as I can I will ditch Windows (all that I need is money to buy SPSS/SAS for linux, or the ability to run SPSS in wine, and I'm good)--for the same reasons.

If I get rid of windows, then sony can't pull this crap.

Finally, is there a non-Sony-provided version of an uninstaller for this crap? I don't trust them!

One and only one thing to fix the problem (5, Insightful)

keraneuology (760918) | more than 8 years ago | (#13969293)

Anybody who buys any CD or DVD from Sony before a VP at Sony is fired over this bears direct responsibility for this. The ONLY thing that Sony will understand is a loss of business. Losing a lawsuit just won't cut it because their insurance company will bear the brunt of the loss.

If you care about this, then don't buy Sony games, music or movies. If you don't care about DRM and spyware issues then by all means go out and buy more product from them.

Is sending a clear message that you will not tolerate corporate abuses worth going a few months without shelling out $18 for a CD that has two decent tracks on it?

Accept nothing less - the public firing of the VP who oversaw the department that gave the green light to this - or no purchase of any Sony game, music or movie.

Personally I don't think enough people value unhacked systems enough to make the sacrifice. My prediction is that Sony will essentially get away with it, may have their insurance company pay a few settlement checks, and make a better attempt next time around. Or simply write enough checks to MS to ensure that the DRM is included in the Colonel (weak joke about a police state... sorry). And write enough checks to Motorola and Intel to make sure that DRM is included at the chip level. And write enough checks to US Senators to make sure that the law will back them up next time.

Again, the only recourse is to refuse to buy Sony products until a VP is fired. Nothing else will work.

Sonys time at an end (0)

Anonymous Coward | more than 8 years ago | (#13969302)

They were a great company but the time for boycott has arrived. I bid them a good day.

Violating my trust by installing rootkits and monitoring my listening habits is unacceptable and should be illegal. Now I have to use RKR to go see how many of PCs have been damaged by their fiendish malware.

Don't buy Sony products? (3, Insightful)

bigberk (547360) | more than 8 years ago | (#13969312)

Isn't the solution pretty simple? Anyone surprised that Sony is pulling shit like this? They're one of the major members of the RIAA, MPAA, CRIA... Don't be a stupid consumer -- it's ridiculous to both spend your money on something that upsets you, only to get upset more. Warn your family against Sony products
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>